Newsrooms may revisit security after AP hacking

The Syrian Electronic Army, which supports President Bashar al-Assad, reportedly hacked into BBC Weather's Twitter account earlier this year and posted several political messages related to Syria.(Photo: AP)

News organizations may have to revisit policies on retweeting breaking news and shore up the security of their social-media accounts in the fallout from Tuesday's hacking of the Associated Press' Twitter account, media watchers say.

The drama — which unfolded within an hour and sank the stock market by 143 points before it rebounded — is yet another reminder that news agencies' Twitter accounts are indispensable but occasionally unwieldy tools ultimately controlled by a third party.

The official AP account tweeted early Tuesday afternoon that the White House was attacked and President Obama was injured. Six minutes later, the same account confirmed that it was "a bogus tweet."

The AP also subsequently confirmed that its account was hacked, and AP reporter Mike Baker told his followers on Twitter that it was a result of a phishing e-mail, in which the culprit tries to get personal information under false pretenses.

The Syrian Electronic Army, which supports President Bashar al-Assad, later took credit for hacking the AP account.

The same group also reportedly hacked into BBC Weather's Twitter account earlier this year and posted several political messages related to Syria.

"In light of this, news organizations have to certainly increase security procedures so that they can't be hacked so easily," says Stephen Ward, director of the Center for Journalism Ethics at the University of Wisconsin-Madison. "(If it was phishing that led to this), then that is not proper security. They've got to review security procedures."

While hacking is an inevitable part of social-media interactions, the AP's tweet had the dramatic impact it had — with about 1,800 retweets before the AP correction — because its credibility is valued even in the ephemeral world of Twitter.

Protecting their social-media accounts and clarifying to readers how and when their news messages are disseminated via Twitter will reinforce the credibility of major news agencies, says Dominic Lasorsa, a journalism professor at the University of Texas who has researched the topic of journalists' use of Twitter.

"This is the kind of stuff the media has to deal with today," he says. "It's difficult to stay ahead of the hacking community. But our reputation is all we've got going for us. News media organizations need to be more savvy about the problem."

The issue also underscores the two-tier system of news distribution taking place in many newsrooms. Much time and pride are invested in the printed word and stories posted on news outlets' official websites, Ward says, but the need to breathlessly keep up with social-media crowds has loosened control of the messages on those channels.

"The whole retweeting area is a miasma," Ward says. "It's a ball of unclarity right now. The right policy is that we don't pick up retweets unless we absolutely have to. We can't control how individuals use social media. But news organizations have to hold the line here. It just means we may not be the first (with) the story, and we just have to accept that."

Luckily, Twitter has a way of quickly ferreting out crucial messages with questionable sources, and the AP tweet was dismissed by readers within minutes.

But the issue of speed in news dissemination surfaced yet again at AP for the second time in two weeks. The news agency was one of several major news organizations to report inaccurately that suspects in the Boston terror attack were in the custody of law enforcement officials before they actually were.

"Because social media allows people to say anything and distribute to millions of people, it puts pressure on the mainstream media to act quickly," Lasorsa says. "There's a lot of pressure to keep up with social media. And it's a real dilemma."